<?php

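/**
 * Thin wrapper around the legacy mysql_* extension: opens one connection in
 * the constructor and runs SQL strings through execute().
 *
 * NOTE(review): the mysql_* functions were deprecated in PHP 5.5 and removed
 * in PHP 7.0, so this class only runs on end-of-life PHP versions. A port to
 * mysqli or PDO with prepared statements would also remove the need for
 * clean(), which is not an injection defence (see its docblock).
 */
class db{

	/** Last SQL text after clean(), as sent to the server. */
	private $sql;
	/** Return value of the last mysql_query() call (false on failure). */
	private $query;
	/** Not written by any method in this class; kept for existing callers. */
	public $onerow;
	/** Not written by any method in this class; kept for existing callers. */
	public $results;
	/**
	 * Link returned by mysql_connect(). Previously created as a dynamic
	 * property (implicitly public); declared public so external readers keep
	 * working.
	 */
	public $conn;
	/** Result of the last execute() call; previously a dynamic property. */
	public $result;
	/** Scratch row used while fetching in "all" mode; previously dynamic. */
	public $row;

	/**
	 * Connect to the server and select the database.
	 *
	 * NOTE(review): a commented-out earlier signature containing another
	 * account name and its password used to sit above this constructor. It
	 * has been dropped from the source; that password should be treated as
	 * exposed and rotated, since it remains in version-control history.
	 *
	 * NOTE(review): the defaults below are a privileged account with a
	 * trivial password. They are kept only so existing no-argument callers do
	 * not break; credentials should be passed in from configuration held
	 * outside the source tree.
	 *
	 * @param string $host Server host passed to mysql_connect().
	 * @param string $user Account name.
	 * @param string $pass Account password.
	 * @param string $db   Database selected after connecting.
	 */
	public function __construct($host = "", $user = "root", $pass = "123", $db = "piedu_db") {
		// Terminates the script with a fixed message ("could not connect") on
		// failure; the message does not include server details.
		$this->conn = mysql_connect($host, $user, $pass) or die("No se pudo conectar");
		// Select on this object's own link. Without the link argument the call
		// falls back to the most recently opened connection, which is the
		// wrong one as soon as a second connection exists in the process.
		// The return value is still unchecked: if selection fails, later
		// queries fail and execute() reports false.
		mysql_select_db($db, $this->conn);
	}

	/**
	 * Run a SQL string and return a result shaped by $mode.
	 *
	 * The statement is passed through clean() first. That filter does not
	 * make string-built SQL safe: callers that splice request data into $sql
	 * must escape or parameterise each value themselves before calling this.
	 *
	 * @param string $sql  Complete SQL statement.
	 * @param string $mode "none"   - returns true only when the query succeeded
	 *                                and affected at least one row, else false;
	 *                     "onerow" - returns the first row as an associative
	 *                                array, or false on failure / no rows;
	 *                     "all"    - returns a list of associative arrays, or
	 *                                false on failure / no rows.
	 *                     Any other value runs nothing and returns array().
	 * @return bool|array
	 */
	public function execute($sql, $mode = "none"){

		$this->result = array();

		switch($mode){
			case "none":
				$this->sql = $this->clean($sql);
				$this->query = mysql_query($this->sql, $this->conn);
				// A successful statement that touches zero rows also yields
				// false here, so false does not always mean an error.
				return ($this->query != false && mysql_affected_rows($this->conn)) ? true : false;
			case "onerow": //select statement
				$this->sql = $this->clean($sql);
				$this->query = mysql_query($this->sql, $this->conn);
				if($this->query != false && mysql_num_rows($this->query)){
					$this->result = mysql_fetch_assoc($this->query);
				} else {
					$this->result = false;
				}
				break;
			case "all": //select statement
				$this->sql = $this->clean($sql);
				$this->query = mysql_query($this->sql, $this->conn);
				if($this->query != false && mysql_num_rows($this->query)){
					while($this->row = mysql_fetch_assoc($this->query)){
						$this->result[] = $this->row;
					}
				} else {
					$this->result = false;
				}
				break;
		}
		return $this->result;

	}

	/**
	 * Strip every character outside a fixed allow-list from $tainted.
	 *
	 * NOTE(review): this is applied to the whole statement, not to individual
	 * values, and the allow-list includes the single quote and the
	 * punctuation SQL itself is written with, so it cannot tell data from
	 * syntax and does not prevent SQL injection. It also silently alters
	 * legitimate data: double quotes, slashes, '+', '#', '$' and all
	 * non-ASCII bytes (accented letters included) are removed.
	 *
	 * @param string $tainted Text to filter.
	 * @param string $mode    Only "sql" is implemented.
	 * @return string|null Filtered text; null for any other $mode.
	 */
	public function clean($tainted, $mode = "sql"){
		switch($mode){
			case "sql":
				return preg_replace("/[^a-zA-Z0-9=@\!\-_'\.%\?:\*,\&\;\(\)<>\s]/", "", $tainted);
		}
	}


}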

?>